Archive for the 'Antivirus' Category

Get rid of XCP rootkit through Windows Update

Thursday, December 15th, 2005

According to Betanews, the newest release of the Malicious Software Removal Tool from Microsoft, which is available through Windows Update, removes the XCP rootkit and the vulnerable ActiveX control from the XCP uninstaller. Microsoft still hasn’t stepped up to the plate to uninstall all of XCP, though; you still have to go to Sony BMG […]

Information Week: security industry not doing its job

Monday, November 21st, 2005

I have a big backlog of posts from the weekend and will try to push them through quickly. First up, InformationWeek, who say that the Sony case suggests that the security industry was caught napping:
“[For] at least for seven months, Sony BMG Music CD buyers have been installing rootkits on their PCs. Why then did […]

Sony apologizes, withdraws uninstaller, not before shooting self in foot

Thursday, November 17th, 2005

I am starting to know what it must feel like to be in Sony’s PR department. Every time I think that this colossal shambling nightmare of Sony DRM has gone away, and that I can afford to take a morning without monitoring Google News for new developments, a half dozen things pop up.
Today it’s the […]

Microsoft steps up to the plate, kind of

Sunday, November 13th, 2005

CNET Microsoft will wipe Sony’s ‘rootkit’. Microsoft’s newly renamed Windows Defender, the software formerly known as the Windows Anti-Spyware Tool, has been updated to detect and remove the cloaking mechanism employed by Sony BMG’s XCP copy protection.
Unfortunately, it looks like Microsoft will leave the actual DRM mechanism intact.

More exploits of the Sony rootkit; news from AV vendors

Friday, November 11th, 2005 reports on additional variants of the exploit observed yesterday, called Backdoor.IRC.Synd.a and Backdoor.IRC.Synd.B, reported by the antivirus company BitDefender. I’m not sure if one of these is the same as Backdoor.win32.Breplibot.b; different vendors give the same virus different names.
ZoneAlarm is now the second anti-virus company, after CA, to claim that they can identify and […]

Italy, Computer Associates: if it looks like spyware, it’s spyware

Tuesday, November 8th, 2005

If possible, this Sony rootkit case is generating even more interest abroad than it is here. I got a passel of Swedish readers from yesterday’s link on the Swedish IDG site, and last night/this morning Damian from the UK and Giorgio from Italy pointed separately to information about a criminal investigation against Sony in Italy.
The […]